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DETAILED ACTION 

Continued Examination Under 37 CFR 1.114 

A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 
1.17(e), was filed in this application after final rejection. Since this application is eligible for continued 
examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the 
finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's 
submission filed on 01/28/201 1 has been entered, a duplicate of which was filed on 02/24/201 1. 
Applicant has amended claim 1 and has cancelled claims 3-6 and 9. Claims 1, 2, 8, and 10-24 are 
presented for examination on the merits. 

Response to Arguments 

Applicant's arguments have been carefully considered, but are not deemed persuasive of error in 
the rejection. 

Applicant argues that the prior art does not teach or suggest dynamically encrypting the biometric 
features, the method of encryption being selected based on factors including computing power or the 
registration computer and the server, and network bandwidth. The examiner respectfully disagrees. 
Uchida teaches that the ciphered biometric data is obtained and compared to deciphered biometrics in the 
database for verification - see column 5 lines 36-52, for example. Therefore, it is clear that it is the 
intention of Uchida to encrypt both the stored features (since they are deciphered) and the inputted 
features, and the stored features were encrypted prior to the input of the verification features. Further, 
Lindo teaches that a method of encryption may be selected based on the available bandwidth, as discussed 
in the previous office action. This is beneficial because it allows the system to remain functional without 
having to perform major system upgrades to accommodate a high-bandwidth consuming algorithm. 
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Although the references do not expressly teach that the encryption method is also selected based on 
computing power, it is clear that a method would not be selected where the devices do not have enough 
computing power to process the encryption in a timely manner, or else the method would be inefficient 
and non-functional without upgrades. Therefore, the skilled artisan would know that when selecting the 
encrypting method based on the bandwidth, as taught by Lindo, the user would certainly take into 
consideration if the computing devices could not handle certain types of encryption, for example. 

Applicant has not specifically argued an error in the rejection set forth in the previous office 
action regarding the use of Uchida, Bianco et al. and McCabe et al., as applied to limitations such as 
backup server, spatially separated, different country, etc. The applicant has only argued how the 
references do not teach selecting the method of encryption. Therefore, this rejection is maintained, as 
they now apply to claim 1. 

Claim Rejections - 35 USC § 103 

1. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 

rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, it" the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

2. Claims 1, 2, 8, and 10-14 are rejected under 35 U.S.C. 103(a), as being unpatentable over 
Uchida (US 7,246,243) in view of Lindo et al. (US 2002/0099858) and Bianco et al. (US 6,256,737), 
and further in view of McCabe (US 2002/0095317). 

3. Regarding claims 1 and 10, Uchida teaches a method of electronically identifying and verifying 
an individual utilizing at least one biometric feature of the individual including the steps of: 

4. Enrolling an individual into a database including: 
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a. Inputting required particulars of the individual into the database and ascertaining the 
existence or otherwise of the particulars of the individual in the database (A user ID and 
fingerprint are sent to the processor to see if the individual is registered in the system or not) - see 
figure 13, column 2 lines 39-57, column 3 line 64 - column 4 line 18, column 4 line 56 - column 5 
line 3, and column 5 lines 17-24, for example. 

b. Capturing biometric features of the individual wherein key features of the biometric raw 
data are extracted (When a user's fingerprint is captured, features, such as ridge patterns, are 
extracted) - see figure 13, column 2 lines 39-57, column 3 line 64 - column 4 line 18, column 4 
line 56 - column 5 line 3, and column 5 lines 17-24, for example. 

c. Encrypting in a dynamic manner the biometric features (The ID and fingerprint come 
from the encryption unit, and therefore are intended to be encrypted, or at this would have at least 
been obvious to the skilled artisan for the purpose of basic security) -see figure 13, column 2 lines 
39-57, column 3 line 64 - column 4 line 18, column 4 line 56 - column 5 line 3, and column 5 
lines 17-24, for example. 

d. Transmitting the encrypted data of the biometric features to the server and storing the 
encrypted data in relation to the particulars of the individual obtained above (The encrypted data 
is transmitted to an authentication server) - see figure 13, column 2 lines 39-57, and column 3 line 
64 - column 4 line 18, for example. 

5. Verifying an individual in the database including: 

e. Activating an access apparatus (capable of recording data) with a means to capture at 
least one biometric feature of an individual in a secure manner using dynamic encryption (A 
user's fingerprint is detected by a fingerprint sensor and is encrypted) - see figure 13 and column 
3 line 64 - column 4 line 18, for example. 
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f. Capturing the biometric feature of an individual wherein key feature of biometric raw 
data are extracted (A user's fingerprint is captured, and features, such as ridge patterns, of the 
fingerprint are extracted) - see figure 13 and column 3 line 64 - column 4 line 18, for example. 

g. Encrypting in a dynamic manner the biometric features (The features are encrypted using 
a secret key generated by a cipher key generator) - see figure 13 and column 3 line 64 - column 4 
line 18, for example. 

h. Transmitting the encrypted data of the biometric feature to at least one server in the 
access apparatus or to at least one server spatially separated from the access apparatus, wherein in 
a first attempt, the access apparatus will attempt to send the encrypted data to the spatially 
separated server (The encrypted data is transmitted to an authentication server (in the first 
attempt), which is spatially separated from the access apparatus) - see figure 13, column 2 lines 
39-57, and column 3 line 64 - column 4 line 18, for example. 

i. Verifying the biometric features captured with a pre-stored biometric feature in the server 
(It is determined whether the received biometrics data has corresponding biometrics data in the 
database for authentication) - see figure 13, column 5 lines 36-52, column 2 lines 39-57, and 
column 3 line 64 - column 4 line 18, for example. 

i. Wherein upon positive identification and verification of the individual access is 
given to an auxiliary means such as but not limited to access to secured doors, database, 
computer network, or servers (Access is given to e-commerce over a communications 
network if the biometric matches a biometric associated with an ID in the database) - see 
column 1 and column 5 lines 4-16, for example. 
6. As discussed above, Uchida teaches that registration is performed into a database by a user 
supplying their fingerprint and ID to the machine, which is sent to the authentication server for 
registration, and the data is stored in the server - see column 4 line 56 - column 5 line 3 and column 5 
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lines 17-24, for example. Uchida does not expressly teach that the data features are encrypted or that the 
step is performed before a user inputs their biometric feature for authorization. However, for basic 
security purposes, and to maintain uniformity throughout the system, the skilled artisan would recognize 
that it is the intention of Uchida that the features be extracted and encrypted. 

7. Uchida does not teach that the encryption is based on factors including the computing power of 
the computers and network bandwidth. 

8. Lindo et al. teach a method wherein encryption operations may be selected by the user and may 
be defaulted depending on the available bandwidth - see [0082], for example. Although the references do 
not expressly teach that the encryption method is also selected based on computing power, it is clear that 
a method would not be selected where the devices do not have enough computing power to process the 
encryption in a timely manner, or else the method would be inefficient and non-functional without 
upgrades. Therefore, the skilled artisan would know that when selecting the encrypting method based on 
the bandwidth, as taught by Undo, the user would certainly lake into consideration if the computing 
devices could not handle certain types of encryption, for example. 

9. Neither Uchida nor Lindo et al. teach a sending the data to a different server in case of failure. 

10. Bianco et al. beneficially teach that an alternate biometric server is used as a backup server to 
biometric data and stores the exact same data so that a server is always available to authenticate users - 
see column 10 lines 28-35, for example. Please note that the designated server must be either spatially 
separated or part of the access apparatus. 

11. Uchida, Lindo et al., and Bianco et al. do not teach that the sever is located in a separate country. 

12. McCabe beneficially teaches that two backup servers should be used and that one can be located 
on the opposite end of the country and the other can be located on a different continent - see [0109], for 
example. 
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13. It would have been obvious to one of ordinary skill in the art at to create the invention as claimed 
for the following reasons. It would have been obvious to one of ordinary skill in the art at the time the 
claimed invention was made to modify the teachings of Uchida by allowing the encryption method to be 
determined based on computing power and available bandwidth, for the purpose of maintaining a 
functional system without having to perform major system upgrades, based upon the beneficial teachings 
provided by Lindo et al. It also would have been obvious to one of ordinary skill in the art at the time the 
claimed invention was made to modify the teachings of Uchida and Lindo et al. by using a backup server 
to be available in the event of failure, for the purpose of making authentication always available to users, 
based upon the beneficial teachings provided by Bianco et al. It would have also been obvious to one of 
ordinary skill in the art at the time the claimed invention was made to modify the teachings of Uchida, 
Lindo et al., and Bianco et al. by locating the server in another country, for the purpose of increased 
security, based upon the beneficial teachings provided by McCabe. These modifications would result in 
increased power conservation, efficiency, backup protection, and security, all of which are obvious 
benefits to the skilled artisan. Additionally, the cited references are in the field of cryptography, as is the 
current application, and thus, are in analogous arts. 

14. Regarding claim 2, Uchida teaches that the server is spatially separated from access apparatus - 
see figure 13 and column 2 lines 39-56, for example. 

15. Regarding claim 1 1 , Uchida teaches comparing the biometric features with known biometric 
features from a database and by a PIN (ID) - see - see figure 13, column 5 lines 36-52, column 2 lines 39- 
57, column 5 lines 4-16, and column 3 line 64 - column 4 line 18, for example. 
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16. Regarding claims 13 and 14. Uchida leaches that the features are stored at the server itself - see 
figure 13 and column 2 lines 39-56, for example. 

17. Regarding claim 8, Uchida teaches that the particulars are an ID (alpha numeral) - see column 4 
line 56 - column 5 line 3 and column 5 lines 17-24, for example. 

18. Regarding claim 12, using or eliminating the PIN or user ID is merely a matter of design choice 
based on security preferences, and is well within the purview of the skilled artisan to discern. 

19. Claims 15-20, 23, and 24 are rejected under 35 U.S.C. 103(a), as being unpatentable over 
Uchida (US 7,246,243) in view of Lindo et al. (US 2002/0099858) 

20. Regarding claim 15, Uchida teaches an electronic means of identifying and verifying an 
individual presenting for such identification and verification including: 

j. A means to capture at least one type of biometric features of the individual (A user's 
fingerprint is detected by a fingerprint sensor and features are extracted) - see figure 13 and 
column 3 line 64 - column 4 line 18, for example. 

k. A software means to encrypt in a dynamic manner the biometric features (The features 
are encrypted using a secret key generated by a cipher key generator) - see figure 13 and column 
3 line 64 - column 4 line 18, for example. 

1. A transmission means wherein the encrypted biometric features of the individual are 
transmitted to a server (The encrypted data is transmitted to an authentication server) - see figure 
13, column 2 lines 39-57, and column 3 line 64 - column 4 line 18, for example, 
m. A software means to capture the encrypted biometric features presented for identification 
and verification against stored encrypted biometric features of a purported individual (It is 
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determined whether the received biometrics data has corresponding biometrics data in the 
database for authentication and identification (A user's identifier ID- A is compared)) - see figure 
13, column 5 lines 36-52, column 2 lines 39-57, column 5 lines 4-16, and column 3 line 64 - 
column 4 line 18, for example. 

n. A means to give access to other databases or software if a positive identification and 
verification is made and to deny such access if a negative identification and verification is made 
(Access is given to e-commerce over a communications network if the biometric matches a 
biometric associated with an ID in the database. Denial or authorization is given based on the 
match) - see column 1, figure 11, and column 5 lines 4-16, for example. Please note that this 
would inherently require access to some type of software and/or database. 

21. Uchida does not teach that the encryption is based on factors including the computing power of 
the computers and network bandwidth. 

22. Lindo et al. teach a method wherein encryption operations may be selected by the user and may 
be defaulted depending on the available bandwidth - see [0082], for example. Although the references do 
not expressly teach that the encryption method is also selected based on computing power, it is clear that 
a method would not be selected where the devices do not have enough computing power to process the 
encryption in a timely manner, or else the method would be inefficient and non-functional without 
upgrades. Therefore, the skilled artisan would know that when selecting the encrypting method based on 
the bandwidth, as taught by Lindo, the user would certainly take into consideration if the computing 
devices could not handle certain types of encryption, for example. 

23. It would have been obvious to one of ordinary skill in the art at to create the invention as claimed 
for the following reasons. It would have been obvious to one of ordinary skill in the art at the time the 
claimed invention was made to modify the teachings of Uchida by allowing the encryption method to be 
determined based on computing power and available bandwidth, for the purpose of maintaining a 
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functional system without having to perform major system upgrades, based upon the beneficial teachings 
provided by Lindo et al. These modifications would result in increased power conservation and 
efficiency, both of which are obvious benefits to the skilled artisan. Additionally, the cited references are 
in the field of cryptography, as is the current application, and thus, are in analogous arts. 

24. Regarding claim 19, Uchida teaches an electronic means of identifying and verifying an 

individual presenting for such identification and verification including: 

o. Access apparatus with a means to capture at least one biometric raw data of an individual 
in a secure manner using dynamic encryption (A user's fingerprint is detected by a fingerprint 
sensor and is encrypted) - see figure 13 and column 3 line 64 - column 4 line 18, for example, 
p. Circuitry to extract any features of the biometric raw data from the means to capture the 
biometric raw data (A user's fingerprint is captured, and features, such as ridge patterns, of the 
fingerprint are extracted) - see figure 13 and column 3 line 64 - column 4 line 18, for example, 
q. Circuitry to encrypt the key features of the biometric raw data in a dynamic manner (The 
features are encrypted using a secret key generated by a cipher key generator) - see figure 13 and 
column 3 line 64 - column 4 line 18, for example. 

r. Transmission means to transmit encrypted data of the biometric features to at least one 
server (The encrypted data is transmitted to an authentication server) - see figure 13, column 2 
lines 39-57, and column 3 line 64 - column 4 line 18, for example. 

s. At least one server to receive and store the encrypted data of the biometric feature of the 
individual (The authentication server stores the received data) - see figure 13, column 2 lines 39- 
57, and column 3 line 64 - column 4 line 18, for example. 

t. Circuitry to verify and/or identify the encrypted data against pre-stored encrypted 
biometric data in the server (It is determined whether the received biometrics data has 
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corresponding biometrics data in the database for authentication and identification (A user's 
identifier ID-A is compared)) - see figure 13, column 5 lines 36-52, column 2 lines 39-57, column 
5 lines 4-16, and column 3 line 64 - column 4 line 18, for example. 

25. Uchida does not teach that the encryption is based on factors including the computing power of 
the computers and network bandwidth. 

26. Lindo et al. teach a method wherein encryption operations may be selected by the user and may 
be defaulted depending on the available bandwidth - see [0082], for example. Although the references do 
not expressly teach that the encryption method is also selected based on computing power, it is clear that 
a method would not be selected where the devices do not have enough computing power to process the 
encryption in a timely manner, or else the method would be inefficient and non-functional without 
upgrades. Therefore, the skilled artisan would know that when selecting the encrypting method based on 
the bandwidth, as taught by Lindo, the user would certainly take into consideration if the computing 
devices could not handle certain types of encryption, for example. 

27. It would have been obvious to one of ordinary skill in the art at to create the invention as claimed 
for the following reasons. It would have been obvious to one of ordinary skill in the art at the time the 
claimed invention was made to modify the teachings of Uchida by allowing the encryption method to be 
determined based on computing power and available bandwidth, for the purpose of maintaining a 
functional system without having to perform major system upgrades, based upon the beneficial teachings 
provided by Lindo et al. These modifications would result in increased power conservation and 
efficiency, both of which are obvious benefits to the skilled artisan. Additionally, the cited references are 
in the field of cryptography, as is the current application, and thus, are in analogous arts. 
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28. Regarding claims 16, and 24, Uchida teaches comparing the biometric features with known 
biometric features from a database and by a PIN (ID) - see - see figure 13, column 5 lines 36-52, column 
2 lines 39-57, column 5 lines 4-16, and column 3 line 64 - column 4 line 18, for example. 

29. Regarding claims 17 and 18, Uchida teaches that the biometric is a fingerprint - see figure 13 and 
column 3 line 64 - column 4 line 18, for example. 

30. Regarding claim 20, Uchida teaches that the server is spatially separated from access apparatus - 
see figure 13 and column 2 lines 39-56, for example. 

31. Regarding claim 23, Uchida teaches that the features are stored at the server itself - see figure 13 
and column 2 lines 39-56, for example. 

32. Claim 21 is rejected under 35 U.S.C. 35 U.S.C. 103(a) as being unpatentable over Uchida in 
view of Lindo et al., and further in view of Bianco et al. (US 6,256,737). 

33. The teachings of Uchida and Lindo et al. are relied upon for the reasons set forth above. 

34. Regarding claim 21, Uchida and Lindo et al. do not teach a backup server that the data is rerouted 
to in a case of failure. 

35. Bianco et al. beneficially teach that an alternate biometric server is used as a backup server to 
biometric data and stores the exact same data so that a server is always available to authenticate users - 
see column 10 lines 28-35, for example. 

36. It would have been obvious to one of ordinary skill in the art at to create the invention as claimed 
for the following reasons. It would have been obvious to one of ordinary skill in the art at the time the 
claimed invention was made to modify the teachings of Uchida by allowing a backup server to be 
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available in the event of failure, for the purpose of making authentication always available to users, based 
upon the beneficial teachings provided by Bianco et al. and Lindo et al. These modifications would result 
in increased security and efficiency, both of which are obvious benefits to the skilled artisan. 
Additionally, the cited references are in the field of biometric authentication, as is the current application, 
and thus, are in analogous arts. 

37. Claim 22 is rejected under 35 U.S.C. 35 U.S.C. 103(a) as being unpatentable over Uchida in 
view of Lindo et al., and further in view of Robinson et al. (US 2008/0271116). 

38. The teachings of Uchida and Lindo et al. are relied upon for the reasons set forth above. 

39. Regarding claim 22, Uchida and Lindo et al. do not teach that a token is used in addition to the 
biometric sample. 

40. Robinson et al. beneficially teach that in addition to a biometric sample, a token with 
identification information can be presented for identification verification - see [0049], for example. 

41. It would have been obvious to one of ordinary skill in the art at to create the invention as claimed 
for the following reasons. It would have been obvious to one of ordinary skill in the art at the time the 
claimed invention was made to modify the teachings of Uchida and Lindo et al. by allowing a token to be 
used in addition to the biometrics, for the purpose of increased security and ease of use, based upon the 
beneficial teachings provided by Robinson et al. Additionally, the cited references are in the field of 
biometrics, as is the current application, and thus, are in analogous arts. 

Conclusion 

A reference to specific paragraphs, columns, pages, or figures in a cited prior art reference is not 
limited to preferred embodiments or any specific examples. It is well settled that a prior art reference, in 
its entirety, must be considered for all that it expressly teaches and fairly suggests to one having ordinary 
skill in the art. Stated differently, a prior art disclosure reading on a limitation of Applicant's claim cannot 
be ignored on the ground that other embodiments disclosed were instead cited. Therefore, the Examiner's 
citation to a specific portion of a single prior art reference is not intended to exclusively dictate, but 
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rather, to demonstrate an exemplary disclosure commensurate with the specific limitations being 
addressed. In re Heck, 699 F.2d 1331, 1332-33,216 USPQ 1038, 1039 (Fed. Cir. 1983) (quoting In re 
Lemelson, 397 F.2d 1006, 1009, 158 USPQ 275, 277 (CCPA 1968)). In re: Upsher-Smith Labs. v. 
Pamlab, LLC, 412 F.3d 1319, 1323, 75 USPQ2d 1213, 1215 (Fed. Cir. 2005); In re Fritch, 972 F.2d 
1260, 1264, 23 USPQ2d 1780, 1782 (Fed. Cir. 1992); Merck & Co. v. Biocraft Labs., Inc., 874 F.2d 
804,807, 10 USPQ2d 1843, 1846 (Fed. Cir. 1989); In re Fracalossi, 681 F.2d 792,794 n. 1,215 USPQ 
569, 570 n.l (CCPA 1982); In re Lamberti, 545 F.2d 747, 750, 192 USPQ 278,280 (CCPA 1976); In re 
Bozek, 416 F.2d 1385, 1390, 163 USPQ 545, 549 (CCPA 1969). 

Any inquiry concerning this communication or earlier communications from the examiner should 
be directed to Lisa Lewis whose telephone number is (571) 270-7724. The examiner can normally be 
reached on Monday - Friday, 6:30 a.m. - 3:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Nasser Moazzami can be reached on (571) 272-4195. The fax phone number for the organization where 
this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be obtained 
from either Private PAIR or Public PAIR. Status information for unpublished applications is available 
through Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer 
Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR 
CANADA) or 571-272-1000. 

/L. L./ 

Examiner, Art Unit 2436 



/Nasser Moazzami/ 

Supervisory Patent Examiner, Art Unit 2436 



